DaloyJS

Search docs

Jump between documentation pages.

Browse docs

Installation

DaloyJS targets Node.js ≥ 24.0.0 (active LTS) and is distributed on the public npm registry as @daloyjs/core. The package has no peer dependencies, so npm, yarn, pnpm, and bun can all install it directly. We recommend pnpm together with the hardened .npmrc defaults below for supply-chain reasons, but it is not required. The engines.pnpm entry in package.json is advisory metadata, while engines.node communicates the supported runtime and may warn or fail depending on your package manager and engine-strict settings.

Two ways in
  1. 01fastestScaffoldpnpm create daloy@latest
  2. 02orInstall into a projectpnpm add @daloyjs/core zod
  3. 03hardenAdd .npmrc defaultsstrict-peer-dependencies, frozen lockfile
  4. 04confirmVerify the importnode -e import('@daloyjs/core')
Either scaffold a hardened project in one command or add the dependency-free package to an existing one, then drop in the hardened .npmrc and verify the import resolves.

Fastest path: scaffold a project

Use the official generator, it sets up a hardened .npmrc, strict TypeScript, and a working route in one command.

Package links: create-daloy on npm and @daloyjs/core on npm.

bash
# choose one package manager
pnpm create daloy@latest my-api
npm  create daloy@latest my-api
yarn create daloy           my-api
bun  create daloy           my-api

See Scaffold a project for templates and flags.

Or install into an existing project

Prerequisites

  • Node.js 24.0.0 or newer (active LTS).
  • A package manager. Any of these works, pnpm 11.x or newer is recommended for supply-chain hardening, but npm, yarn, and bun install @daloyjs/core cleanly because the package has no peer dependencies.

To enable pnpm via Corepack:

bash
corepack enable
corepack prepare pnpm@11.1.3 --activate
pnpm --version

Install DaloyJS

bash
# choose one package manager
pnpm add @daloyjs/core zod
npm  install @daloyjs/core zod
yarn add     @daloyjs/core zod
bun  add     @daloyjs/core zod
# optional - only if you want to generate a typed SDK
pnpm add -D typescript @hey-api/openapi-ts prettier
npm  install -D typescript @hey-api/openapi-ts prettier
yarn add -D     typescript @hey-api/openapi-ts prettier
bun  add -d     typescript @hey-api/openapi-ts prettier

The framework package published to npm is @daloyjs/core.

Hardened .npmrc

Drop this .npmrc in your project root to make pnpm reject unsafe installs by default:

ini
auto-install-peers=true
strict-peer-dependencies=true
prefer-frozen-lockfile=true
verify-store-integrity=true
minimum-release-age=1440
ignore-scripts=true

Read the rationale in Security and the pnpm motivation guide.

Verify

Run this from the project root after installing, it works the same under pnpm, npm, yarn, or bun because it shells straight to node:

bash
node -e "import('@daloyjs/core').then(m => console.log('DaloyJS ok →', Object.keys(m).slice(0, 6)))"

Next

Continue with Getting started to write your first route.